{"id":17674,"date":"2019-02-23T08:53:46","date_gmt":"2019-02-23T16:53:46","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=17674"},"modified":"2019-02-23T08:54:57","modified_gmt":"2019-02-23T16:54:57","slug":"sb-2019-02-22","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2019\/02\/sb-2019-02-22\/","title":{"rendered":"Security Bits \u2013 22 February 2019"},"content":{"rendered":"<h3>Followup<\/h3>\n<ul>\n<li>Last time we mentioned that leaks indicated that Microsoft would be doubling their support fee for Windows 7 each after it&#8217;s <em>Extended Support Period<\/em> ends next January, we now have the official details: <a href=\"https:\/\/www.techspot.com\/news\/78629-microsoft-reveals-how-much-windows-7-extended-support.html\">www.techspot.com\/\u2026<\/a>\n<ul>\n<li><em>Extended Security Updates<\/em> (ESUs) will only be available for business and education customers, and only for 3 years to January 2023<\/li>\n<li><em>Extended Security Updates<\/em> (ESUs) will be charged per-device-per-year, no bulk discounts or anything like that<\/li>\n<li>Windows 7 Enterprise will be $25 \u2192 $50 \u2192 $100 per-device-per-year<\/li>\n<li>Windows 7 Pro will be $50 \u2192 $100 \u2192 $200 per-device-per-year<br \/>\n<!--more--><\/li>\n<\/ul>\n<\/li>\n<li>More companies are found to be abusing Apple&#8217;s Enterprise Developer program\n<ul>\n<li><a href=\"https:\/\/arstechnica.com\/?p=1457019\">Gambling, porn, and piracy on iOS: Apple\u2019s enterprise certificate woes continue \u2014 arstechnica.com<\/a><\/li>\n<li><a href=\"https:\/\/daringfireball.net\/linked\/2019\/02\/12\/constine-enterprise-apps\">Apple Fails to Block Porn and Gambling &#8216;Enterprise&#8217; Apps \u2014 daringfireball.net\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.reuters.com\/article\/us-apple-piracy\/software-pirates-use-apple-tech-to-put-hacked-apps-on-iphones-idUSKCN1Q3097\">Software pirates use Apple tech to put hacked apps on iPhones \u2014 www.reuters.com\/\u2026<\/a><\/li>\n<li>In probably related news, Apple are tightening security on developer accounts by forcing 2FA \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/15\/apple-fighting-pirate-app-developers-will-insist-on-2fa-for-coders\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>The new WhatsApp biometric unlock feature released earlier this month has been found to have a bug \u2014 unless you set the timeout to &#8216;Immediately&#8217;, the iOS share sheet can be used to get around the lock. Facebook have promised to release a fix soon, and in the mean time are advising users to set the lock option to &#8216;Immediately&#8217; \u2014 <a href=\"https:\/\/9to5mac.com\/2019\/02\/21\/whatsapp-security-vulnerability\/\">9to5mac.com\/\u2026<\/a><\/li>\n<li>FaceBook say they are shutting down their controversial Onavo VPN and accompanying &#8216;research&#8217; app \u2014 <a href=\"https:\/\/techcrunch.com\/2019\/02\/21\/facebook-removes-onavo\/\">techcrunch.com\/\u2026<\/a><\/li>\n<\/ul>\n<h3>Notable Security Updates<\/h3>\n<ul>\n<li>February&#8217;s <em>Patch Tuesday<\/em> has been and gone with the usual updates form Microsoft and Adobe. Of particular note is a patch for an IE Zero-day bug \u2014 <a href=\"https:\/\/krebsonsecurity.com\/2019\/02\/patch-tuesday-february-2019-edition\/\">krebsonsecurity.com\/\u2026<\/a> &amp; <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/14\/update-now-microsoft-and-adobes-february-2019-patch-tuesday-is-here\/\">nakedsecurity.sophos.com\/\u2026<\/a>\n<ul>\n<li>Adobe released and out-of-band emergency patch for Acrobat &amp; Reader on the 21<sup>st<\/sup> of February \u2014 <a href=\"https:\/\/helpx.adobe.com\/security\/products\/acrobat\/apsb19-13.html\">helpx.adobe.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>WinRAR has patched a nasty code execution bug that has existed for 14 years \u2014 <a href=\"https:\/\/arstechnica.com\/information-technology\/2019\/02\/nasty-code-execution-bug-in-winrar-threatened-millions-of-users-for-14-years\/\">arstechnica.com\/\u2026<\/a><\/li>\n<li>Drupal have released a &#8216;Highly Critical&#8217; update for their popular CMS \u2014 <a href=\"https:\/\/www.drupal.org\/sa-core-2019-003\">www.drupal.org\/\u2026<\/a><\/li>\n<\/ul>\n<h3>Notable News<\/h3>\n<ul>\n<li>Data from UK fraud prevention group <a href=\"https:\/\/www.cifas.org.uk\/about-cifas\/what-is-cifas\">Cifas<\/a> shows that teens are being successfully scammed into being money mules (<strong>Editorial by Bart<\/strong> the Irish police were warning very strongly about this at a recent conference for Irish 3rd-level IT staff too. This is not just a UK problem, and it is resulting in young people getting prosecuted and ending up with criminal records \u2013 be careful!) \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/11\/get-rich-quick-social-media-scams-are-turning-teens-into-money-mules\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>The <em>O.MG Cable<\/em> is a proof-of-concept USB cable that looks like a regular cable, but is actually a keyboard and mouse with a wifi receiver. It illustrates a much bigger point \u2014 never plug anything you don&#8217;t trust into any port on any of your computers! \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/13\/evil-usb-o-mg-cable-opens-up-wi-fi-to-remote-attacks\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>New research has highlighted different ways in which the various popular password managers leave passwords in memory while the apps are running. The bottom line is that in order for these vulnerabilities to be attacked your computer must already be infected with malware, at which point all bets are off anyway. The advice from security experts like Sophos&#8217;s Naked Security Team remains the same: <strong>use a password manager<\/strong> \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/21\/password-managers-leaking-data-in-memory-but-you-should-still-use-one\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f1ec;&#x1f1e7; A UK government report has found that FaceBook <em>\u201cintentionally and knowingly violated both data privacy and anti-competition laws\u201d<\/em> and at one point describes the company as behaving like <em>&#8216;digital gangsters&#8217;<\/em> \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/19\/facebook-acts-like-a-law-breaking-digital-gangster-says-official-report\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; Court filings show that the US government has been lying about not sharing the Terror Watch List with private organisations, they actually share a sub-set of it with 1,400 private companies \u2014 <a href=\"https:\/\/www.stripes.com\/news\/us\/feds-share-watch-list-with-1-400-private-groups-1.569308\">www.stripes.com\/\u2026<\/a><\/li>\n<li>Nest (owned by Google) has come under fire for not previously disclosing that their <em>Nest Guard<\/em> security systems have have built-in microphones that were not listed as existing on the packaging or in the documentation \u2014 <a href=\"https:\/\/www.businessinsider.com\/nest-microphone-was-never-supposed-to-be-a-secret-2019-2?r=DE&amp;IR=T\">www.businessinsider.com\/\u2026<\/a> &amp; <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/21\/sorry-we-didnt-mean-to-keep-that-secret-microphone-a-secret-says-google\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/19\/thousands-of-android-apps-bypass-advertising-id-to-track-users\/\">Thousands of Android apps bypass Advertising ID to track users \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>YouTube have updated their <em>&#8216;strikes&#8217;<\/em> rules to simplify and hopefully strengthen them \u2014 <a href=\"https:\/\/www.macobserver.com\/news\/youtube-updates-strike-guidelines\/\">www.macobserver.com\/\u2026<\/a><\/li>\n<li>While Android itself doesn&#8217;t support three-level location privacy settings like iOS does (iOS allows <em>never<\/em>, <em>when using the app<\/em>, and <em>always<\/em>, while Android only allows <em>never<\/em> and <em>always<\/em>), Facebook have updated their Android app to allow users limit the app&#8217;s use of location data to only when the app is in use \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/22\/facebook-lets-android-users-block-location-tracking\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>A heads up to remaining Windows 7 users, Microsoft will be pushing a mandatory security update to upgrade the hashing algorithm used to verify software updates, if you don&#8217;t install it you&#8217;ll stop receiving security updates this summer \u2014 <a href=\"https:\/\/arstechnica.com\/?p=1459215\">arstechnica.com\/\u2026<\/a><\/li>\n<\/ul>\n<h3>Suggested Reading<\/h3>\n<ul>\n<li>PSAs, Tips &amp; Advice\n<ul>\n<li><a href=\"https:\/\/www.intego.com\/mac-security-blog\/how-to-securely-dispose-of-old-hard-drives-and-ssds\/\">How to Securely Dispose of Old Hard Drives and SSDs \u2014 www.intego.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Notable Breaches &amp; Privacy Violations\n<ul>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/mumsnet-updates-users-on-security-flaw\/\">Mumsnet Updates Users on Security Flaw \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>&#x2b50;&#xfe0f; <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/13\/620-million-records-from-16-websites-listed-for-sale-on-the-dark-web\/\">620 million records from 16 websites listed for sale on the Dark Web \u2014 nakedsecurity.sophos.com\/\u2026<\/a> &amp; <a href=\"https:\/\/www.theregister.co.uk\/2019\/02\/11\/620_million_hacked_accounts_dark_web\/\">www.theregister.co.uk\/\u2026<\/a>\n<ul>\n<li>The dump consisted of credentials for the following 16 sites: Dubsmash (162M), MyFitnessPal (151M), MyHeritage (92M), ShareThis (41M), HauteLook (28M), Animoto (25M), EyeEm (22M), 8fit (20M), Whitepages (18M), Fotolog (16M), 500px (15M), Armor Games (11M), BookMate (8M), CoffeeMeetsBagel (6M), Artsy (1M), and DataCamp (700K)<\/li>\n<li>The data includes hashed passwords<\/li>\n<\/ul>\n<\/li>\n<li>&#x1f1e8;&#x1f1f3; <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/15\/chinese-facial-recognition-database-exposes-25m-people\/\">Chinese facial recognition database exposes 2.5m people \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/18\/mega-crackers-back-with-nearly-100-million-new-stolen-data-records\/\">Mega-crackers back with nearly 100 million new stolen data records \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/19\/if-you-think-your-deleted-twitter-dms-are-sliding-into-the-trash-youre-wrong\/\">If you think your deleted Twitter DMs are sliding into the trash, you\u2019re wrong \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/19\/milions-of-private-medical-calls-exposed-on-internet\/\">Millions of \u201cprivate\u201d medical helpline calls exposed on internet \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>News\n<ul>\n<li>&#x2b50;&#xfe0f; <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/12\/linux-container-bug-could-eat-your-server-from-the-inside-patch-now\/\">Linux container bug could eat your server from the inside \u2013 patch now! \u2014 nakedsecurity.sophos.com\/\u2026<\/a> (<strong>Editorial by Bart:<\/strong> starts with a great description of containerisation, and why it&#8217;s the new hotness in cloud computing)<\/li>\n<li>&#x2b50;&#xfe0f; CA Governor Gavin Newsom used is first state of the state address to suggest that CA citizens should be paid for the use of their personal data through some form of <em>data dividend<\/em> \u2014 <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/15\/should-we-profit-from-sale-of-our-personal-data\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/krebsonsecurity.com\/2019\/02\/email-provider-vfemail-suffers-catastrophic-hack\/\">Email Provider VFEmail Suffers \u2018Catastrophic\u2019 Hack \u2014 krebsonsecurity.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/link\/mozilla-valentines-security-guidelines\/\">Mozilla Calls on Retailers to Avoid Insecure Smart Devices \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>&#x1f1ec;&#x1f1e7; <a href=\"https:\/\/www.macobserver.com\/news\/cairncross-report-uk-needs-regulator-to-restore-trust-in-online-news\/\">Cairncross Report: UK Needs Regulator to Restore Trust in Online News \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>&#x1f1fa;&#x1f1f8; A federal judge has ruled that the reason a US government attempt to compel Facebook to decrypt messenger voice conversations failed will remain secret \u2014 <a href=\"https:\/\/www.reuters.com\/article\/us-facebook-encryption\/u-s-judge-keeps-documents-secret-in-facebook-encryption-case-idUSKCN1Q100X\">www.reuters.com\/\u2026<\/a> &amp; <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/15\/judge-wont-unseal-legal-docs-in-fight-to-break-messenger-encryption\/\">nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/22\/flash-security-bypass-list-hidden-in-edge\/\">Flash \u201csecurity bypass\u201d list hidden in Microsoft Edge browser \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/20\/facebook-tracks-users-it-thinks-may-harm-its-employees\/\">Facebook tracks users it thinks may harm its employees \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/facebook-blames-users-privacy\/\">Facebook Blames Users for Expectation of Privacy \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/11\/you-can-now-unsend-messages-in-facebook-messenger\/\">You can now unsend messages in Facebook Messenger \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/14\/google-paid-out-3-4m-in-bug-bounties-last-year\/\">Google paid out $3.4m in bug bounties last year \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Opinion &amp; Analysis\n<ul>\n<li>&#x2b50;&#xfe0f; A fascinating view into a real-world ransomware attack. The article does mention all the ways Sophos&#8217; software helped mitigate the attack, so it is a bit of an ad for Sophos as well as an interesting read: <a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/14\/inside-a-gandcrab-targeted-ransomware-attack-on-a-hospital\/\">Inside a GandCrab targeted ransomware attack on a hospital \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li>&#x2b50;&#xfe0f; &#x1f1ea;&#x1f1fa; Good analysis of the controversial articles in the EU&#8217;s nascent Digital Copyright Directive which came a step closer to passing when the EU Council voted in favour of it this week (<a href=\"https:\/\/www.macobserver.com\/news\/eu-link-tax\/\">www.macobserver.com\/\u2026<\/a>), now the only place it can be blocked is in the European parliament, which is due to vote in March or April (if you&#8217;re in the EU, and if you have an informed opinion, contact your MEP (<a href=\"http:\/\/www.europarl.europa.eu\/meps\/en\/search\/advanced\">www.europarl.europa.eu\/\u2026<\/a>) and let them know how you&#8217;d like them to vote!):\n<ul>\n<li><a href=\"https:\/\/nakedsecurity.sophos.com\/2019\/02\/18\/will-the-eus-new-copyright-directive-ruin-the-web\/\">Will the EU\u2019s new copyright directive ruin the web? \u2014 nakedsecurity.sophos.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.eff.org\/deeplinks\/2019\/02\/final-version-eus-copyright-directive-worst-one-yet\">The Final Version of the EU&#8217;s Copyright Directive Is the Worst One Yet | Electronic Frontier Foundation \u2014 www.eff.org\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>&#x2b50;&#xfe0f; <a href=\"https:\/\/www.wired.co.uk\/article\/inrupt-tim-berners-lee\">How Tim Berners-Lee&#8217;s Inrupt project plans to fix the web \u2014 www.wired.co.uk\/\u2026<\/a>\n<ul>\n<li><strong>The key quote:<\/strong> <em>&#8220;The big idea behind Solid is that, instead of a company storing all your personal data on their servers, you would keep it on your own personal data \u201cpod\u201d, located on a Solid server. You could run your own server or host it with a provider, much like a personal website. You could then give individual apps permission to read and write to your pod. When you want to stop using an app, you just revoke its access.&#8221;<\/em><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<li>Propellor Beanie Territory\n<ul>\n<li><a href=\"https:\/\/krebsonsecurity.com\/2019\/02\/a-deep-dive-on-the-recent-widespread-dns-hijacking-attacks\/\">A Deep Dive on the Recent Widespread DNS Hijacking Attacks \u2014 krebsonsecurity.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/arstechnica.com\/?p=1454551\">Researchers use Intel SGX to put malware beyond the reach of antivirus software \u2014 arstechnica.com<\/a>\n<ul>\n<li><a href=\"https:\/\/gizmodo.com\/i-cut-the-big-five-tech-giants-from-my-life-it-was-hel-1831304194\">&#8220;I Cut the &#8216;Big Five&#8217; Tech Giants From My Life. It Was Hell&#8221; by Kashmir Hill<\/a>      <\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>Palate Cleansers<\/h3>\n<ul>\n<li>BackBlaze have released their latest annual HDD report (<a href=\"https:\/\/www.backblaze.com\/blog\/hard-drive-stats-for-2018\/\">www.backblaze.com\/\u2026<\/a>), the report itself makes for interesting reading, but if you want a 3rd-party interpretation, there&#8217;s a nice one from Cult of Mac: <a href=\"https:\/\/www.cultofmac.com\/605580\/hard-drive-failure-reliability-seagate-wd\/\">What 35 million days of real-world use tell us about which hard drive to buy \u2014 www.cultofmac.com\/\u2026<\/a><\/li>\n<li>A great chart illustrating just why iOS is generally much more secure than Android \u2014 <a href=\"https:\/\/twitter.com\/TestingPens\/status\/1094656248174104577\">twitter.com\/\u2026<\/a><\/li>\n<li>A wonderful farewell to the Opportunity Mars Rover from XKCD \u2014 <a href=\"https:\/\/xkcd.com\/2111\/\">xkcd.com\/\u2026<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Followup Last time we mentioned that leaks indicated that Microsoft would be doubling their support fee for Windows 7 each after it&#8217;s Extended Support Period ends next January, we now have the official details: www.techspot.com\/\u2026 Extended Security Updates (ESUs) will only be available for business and education customers, and only for 3 years to January [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":14958,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[147,214],"tags":[2650,3230,2060,1416,135,50,569],"class_list":["post-17674","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","category-security-bits","tag-breach","tag-hash","tag-malware","tag-password-manager","tag-passwords","tag-security","tag-security-bits"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2018\/04\/Security-Bits-Logo_1000px.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/17674","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=17674"}],"version-history":[{"count":3,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/17674\/revisions"}],"predecessor-version":[{"id":17677,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/17674\/revisions\/17677"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/14958"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=17674"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=17674"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=17674"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}